TOR Network Isn’t So Anonymous

Nov 18, 2014

A new study says it is possible to unmask 81% of TOR users.

A recent research project claims it is possible for a well-funded and powerful entity such as a nation-state to identify up to 81% of people using the so-called TOR anonymity network. The technique relies on traffic analysis and depends on injecting a traffic pattern, such as an HTML file, then monitoring traffic at the exit node.
The study was conducted by a team led by Sambuddho Chakravarty, now with Indraprastha Institute of Information Technology in Delhi, India, while he was a student at Columbia University, New York. According to the paper, costly and time-consuming packet-level traffic analysis is the most accurate means for unmasking anonymous users, but the 81% accuracy is actually achievable using the less accurate but more time-efficient NetFlow monitoring technology built into Cisco routers.
The full methodology described in the paper requires a well-funded and powerful organization such as the NSA or another government-funded agency, but according to the paper, a single autonomous system was able to monitor 39% of randomly generated TOR circuits.
The technique exploits the fact that TOR is designed for low latency. It is unclear at this point whether the TOR creators will have a fix for foiling this monitoring ploy or if another alternative anonymity tool will rise to replace the popular TOR. In either case, the anonymity arms race has started another chapter.

Related content

  • News

    Updates on Technologies, Trends, and Tools

  • Network Monitoring Intro

    If you can’t monitor everything yourself, why not let your computers watch your computers? This month we examine some practical techniques for network monitoring.

  • TGXf Project Warns of File Transfer through Screen Pixels

    Weird data transfer technique avoids all standard security measures.

  • Sneaky New Linux Attack Discovered

    Innovative back door looks like normal SSH traffic.

  • A New Kind of Fish

    My friends at the Biodiversity Research Center (http://specify formatics) are experts in modeling the sudden changes that occur when an ecosystem is disrupted by the arrival of a new foreign species. I’m sure they don’t have a plan for modeling the Linux ecosystem, but if they did, they would also have scientific way of telling us the times they-are-a-changin’. As you probably know, the foreign species that appeared recently in the Linux ecosystem is Novell. High-tech magazines are full of commentaries describing the possible impact Novell might have on the Linux industry, but it is starting to look like the area where Novell presents the greatest mismatch for the indigenous Linux companies is in the game of brand promotion.

comments powered by Disqus

Issue 254/2022

Buy this issue as a PDF

Digital Issue: Price $12.99
(incl. VAT)